Vulnerabilities > CVE-2006-5831 - Input Validation vulnerability in AIOCP

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

aiocp

exploit available

NVD

Published: 2006-11-10

Updated: 2018-10-17

Summary

PHP remote file inclusion vulnerability in admin/code/index.php in All In One Control Panel (AIOCP) 1.3.007 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the load_page parameter.

Vulnerable Configurations

Part	Description	Count
Application	Aiocp Aiocp Aiocp 1.3.000 Aiocp Aiocp 1.3.001 Aiocp Aiocp 1.3.002 Aiocp Aiocp 1.3.003 Aiocp Aiocp 1.3.004 Aiocp Aiocp 1.3.005 Aiocp Aiocp 1.3.006 Aiocp Aiocp 1.3.007	8

Exploit-Db

description	AIOCP 1.3.x /admin/code/index.php load_page Parameter Remote File Inclusion. CVE-2006-5831. Webapps exploit for php platform
id	EDB-ID:28922
last seen	2016-02-03
modified	2006-11-06
published	2006-11-06
reporter	laurent gaffie
source	https://www.exploit-db.com/download/28922/
title	AIOCP 1.3.x /admin/code/index.php load_page Parameter Remote File Inclusion

Summary

Vulnerable Configurations

Exploit-Db

References